Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91B5D7E/ECA682341D8711E298322DE008B02CD2/D465245EB44411EE80AB5A2AC4F9AE02.roa
File:                     D465245EB44411EE80AB5A2AC4F9AE02.roa (raw, json)
Hash identifier:          IaS8xvXKM33EhfdREAeWTU3D+L8v3Hg8fSZwZN726W8=
Subject key identifier:   06:42:C3:C4:56:21:64:B8:49:EB:74:4F:CE:DC:15:77:5B:82:52:E6
Certificate issuer:       /CN=A91B5D7E/serialNumber=4CAE3AEFB1AC8ABDDB99BCCEE4FA5A916D157B34
Certificate serial:       3486
Authority key identifier: 4C:AE:3A:EF:B1:AC:8A:BD:DB:99:BC:CE:E4:FA:5A:91:6D:15:7B:34
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/TK4677Gsir3bmbzO5PpakW0VezQ.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91B5D7E/ECA682341D8711E298322DE008B02CD2/D465245EB44411EE80AB5A2AC4F9AE02.roa
Signing time:             Tue 16 Jan 2024 07:57:01 +0000
ROA not before:           Tue 16 Jan 2024 07:57:01 +0000
ROA not after:            Sun 02 Mar 2025 00:00:00 +0000
asID:                     140499
IP address blocks:        121.46.67.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 16 Jan 2024 11:02:53 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 13446 (0x3486)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91B5D7E/serialNumber=4CAE3AEFB1AC8ABDDB99BCCEE4FA5A916D157B34
        Validity
            Not Before: Jan 16 07:57:01 2024 GMT
            Not After : Mar  2 00:00:00 2025 GMT
        Subject: CN=65a636cd-342e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:e9:95:af:b9:67:a7:93:b1:87:10:0e:2a:f4:
                    30:be:66:51:78:fa:c7:4a:c1:58:a9:bc:e1:43:27:
                    2d:e9:0d:90:1f:f0:68:3f:23:4a:16:d1:81:d5:fe:
                    37:13:90:e3:a8:30:bf:42:8b:e2:6a:d2:70:cd:bb:
                    6f:e3:33:18:c3:d6:d9:98:f8:62:a5:39:54:40:e7:
                    23:f5:c9:2d:8c:39:54:c0:2f:6f:e4:f8:f8:0a:8d:
                    14:73:2b:4b:f4:4c:77:12:67:fc:a0:df:5c:ef:c7:
                    46:7d:5b:fb:03:2e:d5:1c:59:54:ee:22:5d:4c:be:
                    cf:9d:bc:6d:aa:48:e0:5c:35:ab:13:d8:a0:62:02:
                    31:84:da:fd:8c:fb:8f:9f:71:d3:14:1b:39:e0:07:
                    ea:d7:fd:ce:12:d6:05:c2:ab:b2:2f:c7:4e:d2:14:
                    1a:90:27:4b:18:cd:60:02:5b:e5:06:3e:03:10:54:
                    66:8a:c7:3a:af:6c:ed:26:ab:6f:de:34:dc:7c:3d:
                    db:81:f1:9e:ff:8f:09:22:0c:e8:fe:ff:6b:a8:8e:
                    71:4e:56:df:35:7d:ca:9a:44:92:52:23:6b:78:6b:
                    8b:eb:ec:38:c1:cc:75:d8:a9:87:5d:40:7d:db:fb:
                    6a:f1:7a:16:e0:5e:ca:5e:a8:7d:dc:c2:6f:91:a5:
                    4c:0b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                06:42:C3:C4:56:21:64:B8:49:EB:74:4F:CE:DC:15:77:5B:82:52:E6
            X509v3 Authority Key Identifier:
                keyid:4C:AE:3A:EF:B1:AC:8A:BD:DB:99:BC:CE:E4:FA:5A:91:6D:15:7B:34

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91B5D7E/ECA682341D8711E298322DE008B02CD2/TK4677Gsir3bmbzO5PpakW0VezQ.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/TK4677Gsir3bmbzO5PpakW0VezQ.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B5D7E/ECA682341D8711E298322DE008B02CD2/D465245EB44411EE80AB5A2AC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  121.46.67.0/24

    Signature Algorithm: sha256WithRSAEncryption
         85:12:f4:61:f0:b8:2a:64:a0:81:54:50:2d:e8:12:50:28:8c:
         9f:ab:4b:7f:d7:22:0a:3d:14:aa:bf:da:90:29:c1:73:07:b5:
         fb:4d:a8:5f:d6:8a:2d:23:88:d7:62:24:e9:5d:27:b8:01:c4:
         f1:74:b1:81:9b:87:2a:cc:cd:63:89:ac:38:1a:e3:4c:43:8d:
         9e:cf:f8:e5:0f:7a:23:ac:5c:68:a1:fd:88:45:8e:a8:73:d5:
         f4:c3:f2:e2:a3:69:42:e0:06:55:d6:94:dc:64:11:61:df:d1:
         96:2e:9b:b8:2f:09:3d:ed:b1:cf:44:80:0c:50:e5:22:04:92:
         8e:e1:60:31:49:ef:41:c6:26:4c:70:cf:8c:25:ed:2c:bf:b9:
         cb:09:44:fd:c0:30:9b:30:ab:0d:77:3c:bb:f8:5e:71:dd:3e:
         77:67:ee:dd:cf:6a:94:4a:e8:49:fa:54:d0:72:b9:74:34:25:
         8e:d2:c5:39:8f:ff:67:51:5f:dc:33:5f:f4:db:42:9b:98:70:
         30:54:64:8f:bd:f7:18:67:f4:4c:d3:46:fa:51:1c:0a:27:de:
         7a:41:32:3f:f5:47:40:4e:75:cf:b1:1f:4a:b2:09:7e:7b:6c:
         32:46:f1:a5:d9:f3:9f:8b:b4:7b:f1:57:2b:ee:24:14:ac:dc:
         68:ca:28:38
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICNIYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QjVEN0UxMTAvBgNVBAUTKDRDQUUzQUVGQjFBQzhBQkREQjk5QkNDRUU0RkE1QTkx
NkQxNTdCMzQwHhcNMjQwMTE2MDc1NzAxWhcNMjUwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02NWE2MzZjZC0zNDJlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAuOmVr7lnp5OxhxAOKvQwvmZRePrHSsFYqbzhQyct6Q2QH/BoPyNKFtGB1f43
E5DjqDC/QoviatJwzbtv4zMYw9bZmPhipTlUQOcj9cktjDlUwC9v5Pj4Co0UcytL
9Ex3Emf8oN9c78dGfVv7Ay7VHFlU7iJdTL7PnbxtqkjgXDWrE9igYgIxhNr9jPuP
n3HTFBs54Afq1/3OEtYFwquyL8dO0hQakCdLGM1gAlvlBj4DEFRmisc6r2ztJqtv
3jTcfD3bgfGe/48JIgzo/v9rqI5xTlbfNX3KmkSSUiNreGuL6+w4wcx12KmHXUB9
2/tq8XoW4F7KXqh93MJvkaVMCwIDAQABo4IClTCCApEwHQYDVR0OBBYEFAZCw8RW
IWS4Set0T87cFXdbglLmMB8GA1UdIwQYMBaAFEyuOu+xrIq925m8zuT6WpFtFXs0
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCNUQ3RS9FQ0E2ODIzNDFE
ODcxMUUyOTgzMjJERTAwOEIwMkNEMi9USzQ2NzdHc2lyM2JtYnpPNVBwYWtXMFZl
elEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1RLNDY3N0dzaXIzYm1iek81UHBha1cwVmV6US5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QjVEN0UvRUNBNjgyMzQxRDg3MTFFMjk4MzIyREUwMDhCMDJDRDIvRDQ2NTI0NUVC
NDQ0MTFFRTgwQUI1QTJBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAB5LkMwDQYJKoZIhvcNAQELBQADggEBAIUS9GHwuCpkoIFU
UC3oElAojJ+rS3/XIgo9FKq/2pApwXMHtftNqF/Wii0jiNdiJOldJ7gBxPF0sYGb
hyrMzWOJrDga40xDjZ7P+OUPeiOsXGih/YhFjqhz1fTD8uKjaULgBlXWlNxkEWHf
0ZYum7gvCT3tsc9EgAxQ5SIEko7hYDFJ70HGJkxwz4wl7Sy/ucsJRP3AMJswqw13
PLv4XnHdPndn7t3PapRK6En6VNByuXQ0JY7SxTmP/2dRX9wzX/TbQpuYcDBUZI+9
9xhn9EzTRvpRHAon3npBMj/1R0BOdc+xH0qyCX57bDJG8aXZ85+LtHvxVyvuJBSs
3GjKKDg=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:57 2024 by rpki-client on console-ams.rpki-client.org